Apple acknowledges Mac Defender malware, promises update (opens in new tab)

(arstechnica.com)

33 pointsnoctrine15y ago26 comments

26 comments

18 comments · 7 top-level

tptacek15y ago· 6 in thread

Malware is so rare on the Mac that Apple set up an entire web page to deal with the one trojan currently known to be impacting Mac users.

Macs aren't more secure than Windows machines, but they're still undeniably safer (at least for normal people).

demetris15y ago

“Malware is so rare on the Mac that Apple set up an entire web page to deal with the one trojan currently known to be impacting Mac users.”

I read that and I thought Apple had set up a top-level page. I then saw it is an article in Apple’s knowledge base.

As far as I know, this is the same thing Microsoft does for distinguished malware: articles in the knowlegde base. E.g., here is an old one for Blaster:

http://support.microsoft.com/kb/826955

tptacek15y ago

Blaster wasn't a trojan; it was a worm that actively compromised Windows machines, took out entire huge enterprises (including major military networks), hit the front page of CNN, and (IIRC) prompted a Congressional inquiry about regulating software security.

Not exactly apples/apples.

beedogs15y ago

"Macs aren't more secure than Windows machines, but they're still undeniably safer (at least for normal people)."

That's a pretty absurd statement which, if it even made sense, would be far more applicable in the Bad Old Days of Windows XP.

epistasis15y ago

It makes plenty of sense, and I don't think it's absurd in the least. It's the difference between locking your bike up in the middle of NYC vs. locking it up in a small rural town with identical locks to identical fixtures. One of these situations is much safer, even though there's no security difference.

1 more reply

drivebyacct215y ago

What browser or operating system can you, by simply clicking an image in Google Images, have an installer pop up basically just waiting for a password to have malware everywhere?

I don't really buy the claim that OS X is intrinsically more secure than Windows these days.

tptacek15y ago

That's good, because nobody made that claim.

1 more reply

shawndumas15y ago

http://support.apple.com/kb/HT4650

Sidnicious15y ago· 2 in thread

As an IT professional, I’m honestly not sure how to feel about this.

On the one hand, it’s great that all the variants of MacDefender currently out there will be neutralized.

On the other hand, we’re surely going to see new flavors that go undetected by the update. Apple is getting into the anti-virus game, and potentially starting an arms race. But, what else could Apple do in this situation?

LogicX15y ago

I think the key here is that this is a trojan installed by the user. Education is the greatest weapon against this type of attack -- not trying to keep up with users reinfecting themselves with each variant.

r00fus15y ago

For starters, they could overhaul the concept of "safe files". This is the vector that allows auto-downloads and installer execution.

MacDefender is relatively tame. Next time it could be a rootkit packaged in a trojan.

hexley15y ago

Wow, check out the removal steps in the kb article. Quit the app using Activity Monitor then delete from /Applications. Clearly we have a long way to go...

hobolobo15y ago· 1 in thread

An interesting question is whether this is merely a blip or part of a trend. Apple's user base must be an enormously tempting target for malware creators.

innes15y ago

To answer this question, we'd need to know whether various things will change in the future:

Will criminals stop wanting to scam people?

Will non-technical users somehow get more savvy?

Will the Apple userbase get smaller and thus less lucrative?

kapitalx15y ago

It is inevitable that as mac becomes more popular, we'll see more viruses and malware.

vacri15y ago· 2 in thread

heh, given that Apple was previously directing staffers not to acknowledge it, when I read this headline all I could think of was Jobs telling a press conference "OSX now has malware. This is a new, must-have feature that will revolutionise the industry!"...

ddagradi15y ago

Apple is pretty damn careful about not making press releases until they have a clear, concise and informative statement to make. Staffers were likely instructed not to address it because the official response was forthcoming. Yes, it's a slow response, but not worth attributing to malice.

chicagobob15y ago

As Gruber says: Measure Twice, Cut Once is the Apple approach

j / k navigate · click thread line to collapse

26 comments

18 comments · 7 top-level

tptacek15y ago· 6 in thread

Malware is so rare on the Mac that Apple set up an entire web page to deal with the one trojan currently known to be impacting Mac users.

Macs aren't more secure than Windows machines, but they're still undeniably safer (at least for normal people).

demetris15y ago

“Malware is so rare on the Mac that Apple set up an entire web page to deal with the one trojan currently known to be impacting Mac users.”

I read that and I thought Apple had set up a top-level page. I then saw it is an article in Apple’s knowledge base.

As far as I know, this is the same thing Microsoft does for distinguished malware: articles in the knowlegde base. E.g., here is an old one for Blaster:

http://support.microsoft.com/kb/826955

tptacek15y ago

Not exactly apples/apples.

beedogs15y ago

"Macs aren't more secure than Windows machines, but they're still undeniably safer (at least for normal people)."

That's a pretty absurd statement which, if it even made sense, would be far more applicable in the Bad Old Days of Windows XP.

epistasis15y ago

1 more reply

drivebyacct215y ago

What browser or operating system can you, by simply clicking an image in Google Images, have an installer pop up basically just waiting for a password to have malware everywhere?

I don't really buy the claim that OS X is intrinsically more secure than Windows these days.

tptacek15y ago

That's good, because nobody made that claim.

1 more reply

shawndumas15y ago

http://support.apple.com/kb/HT4650

Sidnicious15y ago· 2 in thread

As an IT professional, I’m honestly not sure how to feel about this.

On the one hand, it’s great that all the variants of MacDefender currently out there will be neutralized.

LogicX15y ago

r00fus15y ago

For starters, they could overhaul the concept of "safe files". This is the vector that allows auto-downloads and installer execution.

MacDefender is relatively tame. Next time it could be a rootkit packaged in a trojan.

hexley15y ago

Wow, check out the removal steps in the kb article. Quit the app using Activity Monitor then delete from /Applications. Clearly we have a long way to go...

hobolobo15y ago· 1 in thread

An interesting question is whether this is merely a blip or part of a trend. Apple's user base must be an enormously tempting target for malware creators.

innes15y ago

To answer this question, we'd need to know whether various things will change in the future:

Will criminals stop wanting to scam people?

Will non-technical users somehow get more savvy?

Will the Apple userbase get smaller and thus less lucrative?

kapitalx15y ago

It is inevitable that as mac becomes more popular, we'll see more viruses and malware.

vacri15y ago· 2 in thread

ddagradi15y ago

chicagobob15y ago

As Gruber says: Measure Twice, Cut Once is the Apple approach

j / k navigate · click thread line to collapse